Pushdo botnet's smokescreen traffic hits legitimate websites

Cybercrooks behind the resilient Pushdo botnet are bombarding legitimate small websites with bogus traffic in order to camouflage requests to the zombie network's command and control servers. A varying cast of around 300 genuine (mostly smaller) websites is at the receiving end of queries from zombie drones infected with the …


This topic is closed for new posts.
  1. Lee Dowling

    "Let's hit our botnet by using HTTP requests with a constant string to a small group of static addresses."

    Well done, botnet writers. That'll help you evade people watching your traffic for sure!

    1. Anonymous Coward

      probably not the point

      But it does make the C&C takedown take longer because all of the non-C&C sites have to be proved innocent first...

      Or did I just miss something?

  2. Trev 2

    Ahhhh, so that's what the heck that strange URL was! Hit one of our very obscure and pretty much abandoned web sites a couple of weeks ago and sent bandwidth through the roof. Now going to the bit-bin, but how about sending all the traffic to - they can afford it.
